Cisco Cisco Aironet 1200 Access Point 기술 참조
Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide
Implementing the Cisco SWAN Framework
23
Cisco Structured Wireless-Aware Network (SWAN) Implementation Guide
OL-6217-01
Step 8
Enter the following to define AAA parameters for client authentication:
wds-ap(config)# radius-server host <ip address> auth-port <auth-port> acct-port
<acct-port> key <shared secret>
wds-ap(config)# aaa group server radius client_group
wds-ap(config-sg-radius)# server <ip address> auth-port <1812> acct-port <1813>
wds-ap(config)# aaa authentication login client-group group client_group
wds-ap(config)# wlccp authentication-server client any client-group
This step is very important. After the Cisco SWAN topology is established, all 802.1x client
authentications are forwarded through the WDS. If the client authentication group(s) is not properly
configured, WLAN clients are denied network access.
authentications are forwarded through the WDS. If the client authentication group(s) is not properly
configured, WLAN clients are denied network access.
RADIUS servers redefined with the first command are using the same AAA server for infrastructure and
client authentication.
client authentication.
Step 9
Enter the following commands to enable WDS service on the access point:
wds-ap(config)# wlccp wds priority <priority number>
Valid priority values are between 1 and 255 inclusive. The WDS priority field is used to elect a WDS
master access point when more than one access point on the subnet is configured. When multiple access
points are configured to run WDS, an election is held. The access point with the highest WDS priority
value becomes the active WDS and the other access point(s) go into WDS-standby mode. If two or more
access points have the same WDS priority, the tie-breaker is the highest value FastEthernet MAC address
of the competing access points. The active WDS should always be configured with priority value 255.
master access point when more than one access point on the subnet is configured. When multiple access
points are configured to run WDS, an election is held. The access point with the highest WDS priority
value becomes the active WDS and the other access point(s) go into WDS-standby mode. If two or more
access points have the same WDS priority, the tie-breaker is the highest value FastEthernet MAC address
of the competing access points. The active WDS should always be configured with priority value 255.
Step 10
Enter the following command to define the WLCCP credentials for the access point:
wds-ap(config)# wlccp ap username <wlccp_username> password <password>
The WDS-host access point is now registered with the WDS service and serves as an infrastructure
access point.
access point.
Step 11
Define the CiscoWorks WLSE on the WDS access point:
wds-ap(config)# wlccp wnm ip address <wlse ip address>
Subsequent to these steps, customers can configure additional parameters like VLANs, SSIDs, and
encryption settings. Customers may choose to use the CiscoWorks WLSE to do these configurations in
bulk after the CiscoWorks WLSE has discovered the WDS-host and the infrastructure access points.
encryption settings. Customers may choose to use the CiscoWorks WLSE to do these configurations in
bulk after the CiscoWorks WLSE has discovered the WDS-host and the infrastructure access points.
Configuring the Infrastructure Access Point
Configuring the infrastructure access point is much simpler than configuring the WDS access point. The
necessary tasks are as follows:
necessary tasks are as follows:
•
Define SNMP communities
•
Enter a host name for the access point
•
Define Telnet/SSH parameters
•
Define WLCCP credentials
Follow these steps to complete the tasks:
Step 1
Log into the access point command-line interface and enter configuration mode.